Added OCP 3.7 Release Notes #6008
f530799 to a4b2ee7
a4b2ee7 to 748599a
96d3634 to 13677bf
| applications at scale. This is due to the introduction of brick-multiplexing | ||
| support in GlusterFS. | ||
|
|
||
| Over 1,000 volumes in a 3-node cluster with 32 GB per node available to |
|
|
||
| Over 1,000 volumes in a 3-node cluster with 32 GB per node available to | ||
| GlusterFS has been successfully tested. Also, 300 Block PVs are supported now on | ||
| 3-node CNS . |
| ==== CNS Multi-protocol (File, Block, and S3) Support for OpenShift | ||
|
|
||
| Container-native storage (CNS) is now extended support iSCSI and S3 back end for | ||
| {product-title}. Heketi is enhanced to support persistent volume (PV) expansion, |
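Review bot: the first sentence under the CNS multi-protocol heading is missing a word: "is now extended support iSCSI and S3 back end" should read "is now extended to support iSCSI and S3 back ends". The heading lists "File, Block, and S3" while the sentence names iSCSI and S3, so consider saying "iSCSI block" to keep the two consistent.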
| that can be run and output can be sent as file-based output. | ||
|
|
||
| ---- | ||
| $ ansible-playbook playbooks/byo/openshift-checks/adhoc.yml |
Known issue: https://bugzilla.redhat.com/show_bug.cgi?id=1509157
|
|
||
| .Namespece-specific Example | ||
| ---- | ||
| piVersion: v1 |
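Review bot: the block title ".Namespece-specific Example" is misspelled ("Namespace"), and the first line of the listing reads "piVersion: v1", which is not a valid key. Readers copy these listings verbatim, so it should be "apiVersion: v1".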
| Alternatively, they can use an external provisioner and feed it the node | ||
| configuration via `configMaps`. | ||
|
|
||
| Example persistent volume named `example-local-pv` that some tenant can now claim: |
|
Are we still encouraging customers to use the quick installer in 3.7? Known issues:
| ---- | ||
| $ oc create -f snapshot.yaml | ||
|
|
||
| apiVersion: volume-snapshot-data.external-storage.k8s.io/v1 |
apiVersion: volumesnapshot.external-storage.k8s.io/v1
all-in-one cluster "# ETCD_DIR=/var/lib/origin/openshift.local.etcd" Should be: From v3.7 there is no embedded etcd now. If an older version uses embedded etcd, the user needs to migrate embedded etcd to external etcd first. And we still support two deployed external etcd (etcd on master & etcd not on master).
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1496372
|
| defined in a role. | ||
|
|
||
| [[ocp-37-flexvolume-support-for-non-stotage-use-cases]] | ||
| ==== Official FlexVolune Support for Non-storage Use Cases |
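Review bot: both the anchor and the heading are misspelled: "non-stotage" in the anchor ID should be "non-storage", and "FlexVolune" in the heading should be "FlexVolume". Fix the anchor before this is published, because any xref to it would have to carry the typo.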
This is more like a storage feature, but for the security part, maybe we can write something about "SCC now support flexVolume" that we did in this card: https://trello.com/c/YT6sNEay/61-5-scc-flex-volume-support-sccfsi37
| traffic to allow. The annotation is as follows: | ||
|
|
||
| ---- | ||
| $ oc annotate namespace ${ns} 'net.beta.kubernetes.io/network-policy={"ingress":{"isolation":"DefaultDeny"}}' |
The annotation is not needed now when we are using the v1 api.
| Example: | ||
|
|
||
| ---- | ||
| clusterNetworkCIDR: 10.1.0.0/24, 10.1.5.0/24, 10.2.1.0/24 … |
The example should be like this:
networkConfig:
  clusterNetworkCIDR: 10.128.0.0/24
  clusterNetworks:
  - cidr: 11.128.0.0/24
    hostSubnetLength: 6
  - cidr: 12.128.0.0/24
    hostSubnetLength: 6
  - cidr: 13.128.0.0/24
    hostSubnetLength: 4
  externalIPNetworkCIDRs:
  - 0.0.0.0/0
  hostSubnetLength: 6
| There are multiple comma-delimited CIDRs in the configuration file. Each node is | ||
| allocated only a single subnet from within any of the available ranges. You can | ||
| not allocate different-sized host subnets, or use this to change the host subnet | ||
| size The `clusterNetworkCIDRs` can be different sizes, but must be equal to or |
Nodes could allocate different-sized subnets by setting different hostSubnetLength
Lack of period between size The
| allocated only a single subnet from within any of the available ranges. You can | ||
| not allocate different-sized host subnets, or use this to change the host subnet | ||
| size The `clusterNetworkCIDRs` can be different sizes, but must be equal to or | ||
| larger than the host subnet size It is not allowed to have some nodes use |
| their current application. | ||
|
|
||
| An external provisioner is used to access the EBS, GCE pDisk, HostPath, and | ||
| Cinder snapshotting API. This Technology Preview feature has tested EBS and |
As far as I can see, Cinder is not supported at the moment. https://trello.com/c/owCRnP8I/521-13-snapshot-implement-the-out-of-tree-snapshotting-controller
@xltian what test cases do we have in this area?
| ---- | ||
| $ oc create -f snapshot.yaml | ||
|
|
||
| apiVersion: volume-snapshot-data.external-storage.k8s.io/v1 |
The apiVersion has changed to "volumesnapshot.external-storage.k8s.io/v1"
| The `generatedeploymentconfig` API endpoint is now removed | ||
|
|
||
| [discrete] | ||
| [[deprecating-some-plicy-related-apis]] |
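Review bot: the anchor ID "deprecating-some-plicy-related-apis" is missing an "o"; it should be "deprecating-some-policy-related-apis".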
| data centers, enabling organizations to implement a private PaaS that meets | ||
| security, privacy, compliance, and governance requirements. | ||
|
|
||
| [[ocp-36-about-this-release]] |
| xref:../install_config/index.adoc#install-config-index[Installation and | ||
| Configuration] documentation. | ||
|
|
||
| [[ocp-36-new-features-and-enhancements]] |
| CRI-O v1.0 (currently in xref:ocp-37-technology-preview[Technology Preview]) is a | ||
| lightweight, native Kubernetes container runtime interface. By design, it | ||
| provides only the runtime capabilities needed by the kublet. CRI-O is designed | ||
| to be part of Kubernetes and evolve in lock-step with the platform. |
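Review bot: "kublet" in the third line of the CRI-O paragraph should be "kubelet".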
| clusterNetworkCIDR: 10.1.0.0/24, 10.1.5.0/24, 10.2.1.0/24 … | ||
| ---- | ||
|
|
||
| [[ocp-37-routes-alloed-to-set-cookie-names-for-session-stickiness]] |
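Review bot: the anchor ID "ocp-37-routes-alloed-to-set-cookie-names-for-session-stickiness" has a typo, "alloed" for "allowed". Correct it now, since the anchor becomes part of the published URL.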
|
|
||
| * To set parameters, create a secret with values. | ||
| * Create a `TemplateInstance` containing the whole template you want to | ||
| instantiate, and a reference to the secret created above. |
this references "the secret created above" but there are no instructions for creating the secret. Anyway we have official docs for this, can we just point there instead of duplicating it here?
https://docs.openshift.org/latest/rest_api/examples.html#template-instantiation
| {product-title} now includes needed Prometheus monitoring and alerting. Expose | ||
| build step timings (time to pull images, fetch sources, run assemble, commit | ||
| images, push images). Expose failure reasons (for example, see that builds are | ||
| consistently failing due to failure to fetch source). |
the build step timings are not exposed as prometheus metrics. So this is two things:
- prometheus metrics that show you the health of builds in the system (number running, failing, failure reasons, etc)
- timing information on build objects themselves to show how long they spent in various steps (not exposed as prometheus metrics)
| break down an entire configuration map or secret into environment variables without | ||
| explicitly setting `env name` to `key mappings`. | ||
|
|
||
| [[ocp-36-notable-technical-changes]] |
-37- (probably need to grep the whole file for these)
| ==== Official FlexVolune Support for Non-storage Use Cases | ||
|
|
||
| There is now a supported interface to allow you to bind and mount in content | ||
| from a running pod. FlexVolume is a script interface that runs on the kublet and |
| xref:../admin_guide/managing_networking.adoc#admin-guide-manage-networking[Managing | ||
| Networking] for more information. | ||
|
|
||
| [[ocp-27-cluster-ip-range-more-flexible]] |
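Review bot: the anchor ID "ocp-27-cluster-ip-range-more-flexible" carries the wrong release number; the other anchors added for this release use the "ocp-37-" prefix.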
| Me Again* per quota type. Administrators can create custom messages to the quota | ||
| warning. | ||
|
|
||
| [[ocp-47-environment-variable-editor-added-to-stateful-sets-page]] |
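Review bot: the anchor ID "ocp-47-environment-variable-editor-added-to-stateful-sets-page" should start with "ocp-37-".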
| [[ocp-37-installation]] | ||
| === Installation | ||
|
|
||
| [[ocp-37-migrate-etcd-before-upgarde]] |
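Review bot: the anchor ID "ocp-37-migrate-etcd-before-upgarde" is misspelled; it should end in "upgrade".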
| === Metrics and Logging | ||
|
|
||
| [[ocp-37-journald-system-logs]] | ||
| ==== Jouranld for System Logs and JSON File for Container Logs |
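Review bot: the heading reads "Jouranld for System Logs"; it should be "Journald".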
| on OpenShift] for more information. | ||
|
|
||
| [[ocp-37-integrated-approach-to-adding-hosa]] | ||
| ==== Integrated Approach to Adding Hawkular OpenShift Agent (Techology Preview) |
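Review bot: "(Techology Preview)" in the heading should be "(Technology Preview)".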
| consisting of: | ||
|
|
||
| * a simple directory structure with named action playbooks. | ||
| * metadata (required and optional parameters, as well asdependencies). |
Missing space between "asdependencies"
| manually using standardized container creation tooling, or with APB tooling that | ||
| Red Hat will deliver, which provides a guided approach to creation. | ||
|
|
||
| [[ocp-37-iopenshift-template-broker]] |
Extra 'i' before openshift
|
|
||
| image::3.7-bind-mongodb-nodejs-at-creation.gif[connect a service] | ||
|
|
||
| [[ocp-37-include-templates-from-oter-projects]] |
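Review bot: the anchor ID "ocp-37-include-templates-from-oter-projects" has a typo, "oter" for "other".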
| {product-title} 3.7 introduces the following notable technical changes. | ||
|
|
||
| [discrete] | ||
| [[ocpapi-connectivity-variables-now-deprecated]] |
Missing '-' between "ocapi"
| than the published OpenShift API service endpoints. To connect to the OpenShift | ||
| API in these contexts, use | ||
| xref:../dev_guide/service_accounts.adoc#dev-guide-service-accounts[service DNS] | ||
| or the automatically exposed `KUBERENTES` |
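Review bot: the literal on the last line is spelled `KUBERENTES`; it should be `KUBERNETES`. Because it is in code formatting, readers will copy it as the environment variable prefix, so the typo matters more here than in running text.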
|
Hello, is encrypting_data section supposed to say "This is an alpha feature and may change in future" in 3.7 (it was mentioned as alpha in 3.6 as well)? |
|
|
||
| Docker log driver is set to `json-fiile` as the default for all nodes. Docker | ||
| `log-driver` can be set to `journal`, but there is no log rate throttling with | ||
| journal driver. So, there is always a risk for denial-of-service attacks from |
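Review bot: the default driver is written as `json-fiile` on the first line; it should be `json-file`. The alternative is given as `journal`, but the Docker log driver is named `journald`, and the value needs to be exact because readers will paste it into the `log-driver` option. Since the paragraph goes on to raise a denial-of-service risk from the lack of rate throttling, it should also state plainly which driver is the shipped default.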
13677bf to a1b3d34
a6e0124 to d0effbb
d0effbb to 08d40a6
|
🔥 🔥 🔥 🔥 🔥 🔥 🔥 |
|
@adellape the default logger driver is Journald in v3.7. https://bugzilla.redhat.com/show_bug.cgi?id=1513409. |
| ==== Jourald for System Logs and JSON File for Container Logs | ||
|
|
||
| Docker log driver is set to `json-file` as the default for all nodes. Docker | ||
| `log-driver` can be set to `journal`, but there is no log rate throttling with |
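Review bot: the heading still reads "Jourald"; it should be "Journald". The first sentence states that `json-file` is the default for all nodes, which the comment above citing bug 1513409 disputes, so confirm the default before merging. The driver name on the second line should be `journald`, not `journal`.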
Preview Build: http://file.rdu.redhat.com/~ahardin/11142017/ocp-3-7-release-notes/release_notes/ocp_3_7_release_notes.html